[Git][security-tracker-team/security-tracker][master] automatic update

Sat, 21 Jul 2018 01:10:52 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
09044b25 by security tracker role at 2018-07-21T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,7 @@
+CVE-2018-14491
+       RESERVED
+CVE-2018-14490
+       RESERVED
 CVE-2018-14489
        RESERVED
 CVE-2018-14488
@@ -4316,7 +4320,7 @@ CVE-2018-1000530
 CVE-2018-1000529 (Grails Fields plugin version 2.2.7 contains a Cross Site 
Scripting ...)
        NOT-FOR-US: Grails Fields plugin
 CVE-2018-1000528 (GONICUS GOsa version before commit ...)
-       {DSA-4239-1}
+       {DSA-4239-1 DLA-1436-1}
        - gosa 2.7.4+reloaded3-5 (low; bug #902723)
        NOTE: 
https://github.com/gosa-project/gosa-core/commit/56070d6289d47ba3f5918885954dcceb75606001
        NOTE: https://github.com/gosa-project/gosa-core/issues/14
@@ -28630,10 +28634,10 @@ CVE-2018-3773
        RESERVED
 CVE-2018-3772
        RESERVED
-CVE-2018-3771
-       RESERVED
-CVE-2018-3770
-       RESERVED
+CVE-2018-3771 (An XSS in statics-server <= 0.0.9 can be used via injected 
iframe in ...)
+       TODO: check
+CVE-2018-3770 (A path traversal exists in markdown-pdf version <9.0.0 that 
allows a ...)
+       TODO: check
 CVE-2018-3769 (ruby-grape ruby gem suffers from a cross-site scripting (XSS) 
...)
        - ruby-grape <unfixed> (bug #903086)
        [stretch] - ruby-grape <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/09044b25aa2b7ac6aa6b72e249a0e1de11f5e34d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/09044b25aa2b7ac6aa6b72e249a0e1de11f5e34d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to